PAXsims

Conflict simulation, peacebuilding, and development

Review: Curry and Price, Dark Guest (Training Games for Cyber Warfare)

John Curry and Tim Price, Dark Guest: Training Games for Cyber Warfare (Volume 1: Wargaming Internet Based Attacks). 2nd edition. History of Wargaming Project, 2013. 97pp.  £12.95

darkguestThis booklet is intended as a guide and aid for those involved in promoting broader awareness of “cyber warfare” and information security within their organizations. It consists of a discussion of the challenges of training on the issue, and overview of cyberwargaming, and a brief discussion of the rise of hacking and hactivism. Thereafter, it presents five games that can be used (or modified) in a training context:

  • In “Enterprise Defender” a hacker team secretly prepares descriptions of possible cyber attacks while a security team identifies IT defences. These are then discussed and resolved by an umpire as a way of both exploring the issue and generating a broader exploration of the topic.
  • “All Your Secrets are Mine” is a matrix game, whereby participants examine hacking and military-industrial espionage through a series of verbal actions and counter-actions that are assigned a probability weight by the umpire, then resolved with dice.
  • “Conspiracy” is a card game in which participants create the cards prior to game play, and is intended to show the interactive and interconnected nature of hacking and cyberwarfare.
  • “Media Wars” involves efforts by a fictional environmental group that has seized control of an oil refinery and is trying to get its message out, while the local government and other stakeholders also compete to influence the information space. Again, the primary game mechanism is one of teams developing media strategies, which are then rated by an umpire, with effects also dependent on a die-roll.
  • Finally, “Talinn  Soldier” is crisis game based on the 2007 attacks against Estonian government and private sector servers by pro-Russian activists.

The games are not technical ones. Indeed, experts in cybercrime, warfare, and hacktivism may find the lack of technical detail and analysis in this volume surprising.

If so, they would be missing the point. Dark Guest is intended to provide resources for those who have the task of spreading awareness of cyberwarfare issues within larger organizations, possibly inspiring them to modify the sample games provided or develop their own for their own particular needs. The games are thus designed to encourage non-IT specialists and managers to think about potential vulnerabilities (although some might also encourage IT specialists to go beyond issues of hardware and software to reflect on more general questions of policy, strategy, and context). All of the games are relatively free-form, and most are rather abstract. They are thus highly adaptable and designed to promote discussion-through-play. Most can also be played quite quickly, making them very suitable as ice-breakers or to provide a change-of-pace as part of a broader training programme. A previous edition of Dark Guest included a full rules-based card game on cyberwarfare, which has been dropped in this edition precisely because the authors feel that a book containing “generic ideas… [with] wider application” would be more useful for those seeking to integrate serious games into their training process.

One key aspect that the authors note, but could do more to address, is the fundamental importance of effective game facilitation and umpiring in free-form games such as these. Considerable skill is required to do this, since the moderator simultaneously needs to run the game, adjudicate actions (in a way that participants find convincing), maintain player engagement, deal with less cooperative players or those “fighting the scenario,” while all the time exploiting the teachable moments that the game generates. Experienced teachers may have some of these skills, and experienced role-playing-game “dungeon masters” have others—but not all neophytes have all of them. Given that this is volume 1 in what promise to be a continuing series—and given its association with the longstanding History of Wargaming research and publication project—this may well be an aspect that the authors turn to in a subsequent volume.

 

2 responses to “Review: Curry and Price, Dark Guest (Training Games for Cyber Warfare)

  1. brtrain 21/04/2014 at 4:23 pm

    I read the title too quickly and thought, “Curry and rice, ooooh!” I shouldn’t check my emails before eating.
    I have the first edition, which does not include the “Media Wars” game but does have the “Hack This!” game, dropped in this edition. I can understand the authors’ preference to present a game playable right out of the book but perhaps this was a prudent move. Is the “Conspiracy” game something like the Dvorak/ 1000 Blank White Cards school of improvised pieces?

  2. John Curry 30/04/2014 at 4:00 pm

    The aim of the 2nd edition was to produce a book with the simplest possible training games in it. Later volumes will cover more in depth material. The conspiracy game aims to get the players to generate cards and rate the effect of each action on the key stakeholders. This analysis should lead players to realise for example that attacking the state can strength the state.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: